rufus777 Posted January 31, 2011 Share Posted January 31, 2011 Does anyone have programmed the virus / worm that has been spread around the email and MSN? Quote Link to comment Share on other sites More sharing options...
Sparda Posted January 31, 2011 Share Posted January 31, 2011 It's illegal to write intentionally malicious software in many countries. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted January 31, 2011 Share Posted January 31, 2011 I personally find virus/worms engineering a very interesting subject. But to create one, it takes a lot of time and knowledge. Before you can create virus/worm you must understand and have sound knowledge of how an operating system works from inside out. You need to be very proficient with a programming language, if you wish to succeed in creating a computer worm. Secondly you need to ask yourself why do I want to create a worm for, what will it bring about. If I unleash the worm, what the implications will be. If I had the knowledge and the how to create a worm, I would put it to good not evil. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted January 31, 2011 Share Posted January 31, 2011 It's illegal to write intentionally malicious software in many countries. An in others it is illegal to knowingly distribute malicious software. One good thing though is that it usually isn't illegal to know how they work. I would suggest reading up old Virus Bulletin or old issues of 40Hex to learn about the basic principles of viruses and worms. Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted February 1, 2011 Share Posted February 1, 2011 As the other replies mentioned writing a virus is a lot of work. I mean ALOT of work. I have written a hand full of them (ranging from Trojans and worms just plain old destructive viruses). They were all for testing and fun (Wrote them in programing class) but they never left an Isolated VM. I don't recommend even writing one unless you do isolate it. If it gets out you will be blamed. I did all of mine in Assembly but C++ and Java work as well. I wouldn't say mine were awesome but for the time they weren't bad. Kaspersky was the only AV that could detect it. when all the rest big names (avast,norton,avg ETC.) missed it so that goes to show how good Kaspersky is (or how bad my coding/obfuscating was :P). Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 1, 2011 Share Posted February 1, 2011 As the other replies mentioned writing a virus is a lot of work. I mean ALOT of work. I have written a hand full of them (ranging from Trojans and worms just plain old destructive viruses). They were all for testing and fun (Wrote them in programing class) but they never left an Isolated VM. I don't recommend even writing one unless you do isolate it. If it gets out you will be blamed. I did all of mine in Assembly but C++ and Java work as well. I wouldn't say mine were awesome but for the time they weren't bad. Kaspersky was the only AV that could detect it. when all the rest big names (avast,norton,avg ETC.) missed it so that goes to show how good Kaspersky is (or how bad my coding/obfuscating was :P). I wonder what kind of techniques Karpersky uses for detecting a virus, it must use other means besides pure signature-based detections, which to be honest its kinda useless if there is a new virus in the wild. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted February 1, 2011 Share Posted February 1, 2011 I wonder what kind of techniques Karpersky uses for detecting a virus, it must use other means besides pure signature-based detections, which to be honest its kinda useless if there is a new virus in the wild. Chances were that he was either following tutorials online or just coded part of it in a common way for viruses and one of Karpersky's signatures covers variations of that part. It would have been interesting to see if it identified it as a general virus or a specific one. Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted February 1, 2011 Share Posted February 1, 2011 Chances were that he was either following tutorials online or just coded part of it in a common way for viruses and one of Karpersky's signatures covers variations of that part. It would have been interesting to see if it identified it as a general virus or a specific one. I should have worded it better. Kaspersky detected it as a "threat" or Potentially unwanted program. It was it the "behavorial" (heuristic) engine that caught it not the signature engine. My virus was to "noticeable" and give it self away. Basically KP saw it trying to do something (infect drivers) and called out saying "hey you shouldn't be doing that". In a matter of speaking =P Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted February 1, 2011 Share Posted February 1, 2011 I should have worded it better. Kaspersky detected it as a "threat" or Potentially unwanted program. It was it the "behavorial" (heuristic) engine that caught it not the signature engine. My virus was to "noticeable" and give it self away. Basically KP saw it trying to do something (infect drivers) and called out saying "hey you shouldn't be doing that". In a matter of speaking =P I knew it was some kind of behavorial (heuristic) engine. Wouldn't this kind of technique give false alarms at times. Quote Link to comment Share on other sites More sharing options...
Jason Cooper Posted February 2, 2011 Share Posted February 2, 2011 Wouldn't this kind of technique give false alarms at times. Yes, but then again so too does signature scanning. It is the difficult case of trying to reduce the number of false negative and false positives, or to put it another way AV that flags up too many files as viruses that aren't are just as bad as those that don't flag up files that are viruses. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.